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Preface 

There is the book, Inspector. I leave it with you, and you cannot doubt that it contains a full explanation. 

— The Adventure of the Lion’s Mane, Sir Arthur Conan Doyle 


Background 

A host of factors have converged to produce the latest revolution in computer and communications 
networking; 

■ Demand: Enterprises are faced with a surge of demands that focus their attention on the need 
to design, evaluate, manage, and maintain sophisticated network infrastructures. These trends 
include the following: 

■ Big data: Enterprises large and small increasingly rely on processing and analyzing mas¬ 
sive amounts of data. To process large quantities of data within tolerable time periods, 
big data may need distributed file systems, distributed databases, cloud computing plat¬ 
forms, Internet storage, and other scalable storage technologies. 

■ Cloud computing: There is an increasingly prominent trend in many organizations to 
move a substantial portion or even all information technology (IT) operations to an 
Internet-connected infrastructure known as enterprise cloud computing. This drastic 
shift in IT data processing is accompanied by an equally drastic shift in networking 
requirements. 

■ Internet of Things (loT): The loT involves large numbers of objects that use standard 
communications architectures to provide services to end users. Billions of such devices 
will be interconnected in industrial, business, and government networks, providing new 
interactions between the physical world and computing, digital content, analysis, applica¬ 
tions, and services. loT provides unprecedented opportunities for users, manufacturers, 
and service providers in a wide variety of sectors. Areas that will benefit from loT data 
collection, analysis, and automation capabilities include health and fitness, healthcare, 
home monitoring and automation, energy savings and smart grid, farming, transportation, 
environmental monitoring, inventory and product management, security, surveillance, 
education, and many others. 

■ Mobile devices: Mobile devices are now an indispensable part of every enterprise IT in¬ 
frastructure, including employer supplied and bring your own device (BYOD). The large 
population of mobile devices generates unique new demands on network planning and 
management. 

■ Capacity: Two interlocking trends have generated new and urgent requirements for intelligent 
and efficient network design and management: 
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■ Gigabit data rate networks: Ethernet offerings have reached 100 Gbps with further 
increases in the works. Wi-Fi products at almost 7 Gbps are available. And 4G and 5G 
networks bring gigabit speeds to cellular networks. 

■ High-speed, high-capacity servers: Massive blade servers and other high-performance 
servers have evolved to meet the increasing multimedia and data processing requirements 
of enterprises, calling for a need for efficiently designed and managed networks. 

■ Complexity: Network designers and managers operate in a complex, dynamic environment, in 
which a range of requirements, most especially quality of service (QoS) and quality of expe¬ 
rience (QoE) require flexible, manageable networking hardware and services. 

■ Security: With increasing reliance on networked resources, an increasing need emerges for net¬ 
works that provide a range of security services. 

With the development of new network technologies in response to these factors, it is imperative 
for system engineers, system analysts, IT managers, network designers, and product marketing 
specialists to have a firm grasp on modern networking. These professionals need to understand the 
implications of the factors listed above and how network designers have responded. Dominating this 
landscape are (1) two complementary technologies that are rapidly being developed and deployed 
(software-defined networking [SDN] and network functions virtualization [NFV]) and (2) the need to 
satisfy QoS and QoE requirements. 

This book provides the reader with a thorough understanding of SDN and NFV and their practical 
deployment and use in today’s enterprises. In addition, the book provides clear explanations of QoS/ 
QoE and the whole range of related issues, such as cloud networking and loT. This is a technical 
book, intended for readers with some technical background, but is sufficiently self-contained to be a 
valuable resource for IT managers and product marketing personnel, in addition to system engineers, 
network maintenance personnel, and network and protocol designers. 


Organization of the Book 

The book consists of six parts: 

■ Modern Networking: Provides an overview of modern networking and a context for the re¬ 
mainder of the book. Chapter 1 is a survey of the elements that make up the networking ecosys¬ 
tem, including network technologies, network architecture, services, and applications. Chapter 
2 examines the requirements that have evolved for the current networking environment and 
provides a preview of key technologies for modern networking. 

■ Software-Defined Networks: Devoted to a broad and thorough presentation of SDN concepts, 
technology, and applications. Chapter 3 begins the discussion by laying out what the SDN 
approach is and why it is needed, and provides an overview of the SDN architecture. This 
chapter also looks at the organizations that are issuing specifications and standards for SDN. 
Chapter 4 is a detailed look at the SDN data plane, including the key components, how they 
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interact, and how they are managed. Much of the chapter is devoted to OpenFlow, a vital data 
plane technology and an interface to the control plane. The chapter explains why OpenFlow 
is needed and then proceeds to provide a detailed technical explanation. Chapter 5 is devoted 
to the SDN control plane. It includes a discussion of OpenDaylight, an important open source 
implementation of the control plane. Chapter 6 covers the SDN application plane. In addition 
to examining the general SDN application plane architecture, the chapter discusses six major 
application areas that can be supported by SDN and provides a number of examples of SDN 
applications. 

■ Virtualization: Devoted to a broad and thorough presentation of network functions virtu¬ 
alization (NFV) concepts, technology, and applications, as well as a discussion of network 
virtualization. Chapter 7 introduces the concept of virtual machine, and then looks at the use 
of virtual machine technology to develop NFV-based networking environments. Chapter 8 
provides a detailed discussion of NFV functionality. Chapter 9 looks at traditional concepts of 
virtual networks, then at the more modern approach to network virtualization, and finally intro¬ 
duces the concept of software defined infrastructure. 

■ Defining and Supporting User Needs: Equally as significant as the emergence of the SDN 
and NFV is the evolution of quality of service (QoS) and quality of experience (QoE) to 
determine customer needs and network design responses to those needs. Chapter 10 provides an 
overview of QoS concepts and standards. Recently QoS has been augmented with the concept 
of QoE, which is particularly relevant to interactive video and multimedia network traffic. 
Chapter 11 provides an overview of QoE and discusses a number of practical aspects of imple¬ 
menting QoE mechanisms. Chapter 12 looks further into the network design implications of the 
combined use of QoS and QoE. 

■ Modern Network Architecture: Clouds and Fog: The two dominant modern network archi¬ 
tectures are cloud computing and the Internet of things (loT), sometimes referred to as fog 
computing. The technologies and applications discussed in the preceding parts all provide 

a foundation for cloud computing and loT. Chapter 13 is a survey of cloud computing. The 
chapter begins with a definition of basic concepts, and then covers cloud services, deployment 
models, and architecture. The chapter then discusses the relationship between cloud computing 
and SDN and NEV. Chapter 14 introduces loT and provides a detailed look at the key compo¬ 
nents of loT-enabled devices. Chapter 15 looks at several model loT architectures and then 
describes three example loT implementations. 

■ Related Topics: Discusses two additional topics that, although important, do not conveniently 
fit into the other Parts. Chapter 16 provides an analysis of security issues that have emerged 
with the evolution of modern networking. Separate sections deal with SDN, NEV, cloud, and 
loT security, respectively. Chapter 17 discusses career-related issues, including the changing 
role of various network-related jobs, new skill requirements, and how the reader can continue 
his or her education to prepare for a career in modern networking. 
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Supporting Websites 

I maintain a companion website at WilliamStallings.com/Network that 
includes a list of relevant links organized by chapter and an errata sheet for 
the book. 



Companion website 


I also maintain the Computer Science Student Resource Site, at 
ComputerScienceStudent.com. The purpose of this site is to provide 
documents, information, and links for computer science students and 
professionals. Links and documents are organized into seven categories: 



Computer Science 
Student Resource 
Site 


■ Math: Includes a basic math refresher, a queuing analysis primer, a number system primer, and 
links to numerous math sites. 

■ How-to: Advice and guidance for solving homework problems, writing technical reports, and 
preparing technical presentations. 

■ Research resources: Links to important collections of papers, technical reports, and bibliogra¬ 
phies. 

■ Other useful: A variety of other useful documents and links. 

■ Computer science careers: Useful links and documents for those considering a career in 
computer science. 

■ Writing help: Help in becoming a clearer, more effective writer. 

■ Miscellaneous topics and humor: You have to take your mind off your work once in a while. 
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Chapter 



SDN: Background and Motivation 

The requirements for a future all-digital-data distributed network which provides common user service for 
a wide range of users having different requirements is considered. The use of a standard format message 
block permits building relatively simple switching mechanisms using an adaptive store-and-forward rout¬ 
ing policy to handle all forms of digital data including “real-time” voice. This network rapidly responds to 
changes in network status. 

—On Distributed Communications: Introduction to Distributed Communications Networks, 

Rand Report RM-3420-PR, Paul Baran, August 1964 


Chapter Objectives 

After studying this chapter, you shouid be abie to 

■ Make a presentation justifying the position that traditional network architectures are inad¬ 
equate for modern networking needs. 

■ List and explain the key requirements for an SDN architecture. 

■ Present an overview of an SDN architecture, to include explaining the significance of 
northbound and southbound APIs. 

■ Summarize the work being done on SDN and NFV standardization by various organizations. 

This chapter begins the discussion of software-defined networks (SDNs) by providing some back¬ 
ground and motivation for the SDN approach. 
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3.1 Evolving Network Requirements 

A number of trends are driving network providers and users to reevaluate traditional 
approaches to network architecture. These trends can be grouped under the categories 
of demand, supply, and traffic patterns. 


Demand Is Increasing 

As was described in Chapter 2, “Requirements and Technology,” a number of trends 
are increasing the load on enterprise networks, the Internet, and other internets. Of 
particular note are the following: 

■ Cloud computing: There has been a dramatic shift by enterprises to both 
public and private cloud services. 

■ Big data: The processing of huge data sets requires massive parallel 
processing on thousands of servers, all of which require a degree of inter¬ 
connection to each other. Therefore, there is a large and constantly growing 
demand for network capacity within the data canter. 

■ Mobile traffic: Employees are increasingly accessing enterprise network 
resources via mobile personal devices, such as smartphones, tablets, and 
notebooks. These devices support sophisticated apps that can consume and 
generate image and video traffic, placing new burdens on the enterprise 
network. 

■ The Internet of Things (loT): Most “things” in the loT generate modest 
traffic, although there are exceptions, such as surveillance video cameras. But 
the sheer number of such devices for some enterprises results in a significant 
load on the enterprise network. 


Supply Is Increasing 

As the demand on networks is rising, so is the capacity of network technologies to 
absorb rising loads. In terms of transmission technology. Chapter 1, “Elements of 
Modern Networking,” established that the key enterprise wired and wireless network 
technologies, Ethernet and Wi-Fi respectively, are well into the gigabits per second 
(Gbps) range. Similarly, 4G and 5G cellular networks provide greater capacity for 
mobile devices from remote employees who access the enterprise network via cellular 
networks rather than Wi-Fi. 

The increase in the capacity of the network transmission technologies has been 
matched by an increase in the performance of network devices, such as LAN switches, 
routers, firewalls, intrusion detection system/intrusion prevention systems (IDS/IPS), 
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and network monitoring and management systems. Year by year, these devices have 
larger, faster memories, enabling greater buffer capacity and faster buffer access, as 
well as faster processor speeds. 


Traffic Patterns Are More Complex 

If it were simply a matter of supply and demand, it would appear that today’s networks 
should be able to cope with today’s data traffic. But as traffic patterns have changed 
and become more complex, traditional enterprise network architectures are increas¬ 
ingly ill suited to the demand. 

Until recently, and still common today, the typical enterprise network architecture 
consisted of a local or campus-wide tree structure of Ethernet switches with routers 
connecting large Ethernet LANs and connecting to the Internet and WAN facilities. 
This architecture is well suited to the client/server computing model that was at 
one time dominant in the enterprise environment. With this model, interaction, and 
therefore traffic, was mostly between one client and one server. In such an envi¬ 
ronment, networks could be laid out and configured with relatively static client and 
server locations and relatively predictable traffic volumes between clients and servers. 

A number of developments have resulted in far more dynamic and complex traffic 
patterns within the enterprise data center, local and regional enterprise networks, and 
carrier networks. These include the following: 

■ Client/server applications typically access multiple databases and servers that 
must communicate with each other, generating “horizontal” traffic between 
servers as well as “vertical” traffic between servers and clients. 

■ Network convergence of voice, data, and video traffic creates unpredictable 
traffic patterns, often of large multimedia data transfers. 

■ Unified communications (UC) strategies involve heavy use of applications that 
trigger access to multiple servers. 

■ The heavy use of mobile devices, including personal bring your own device 
(BYOD) policies, results in user access to corporate content and applications 
from any device anywhere any time. As illustrated previously in Figure 2.6 in 
Chapter 2, this mobile traffic is becoming an increasingly significant fraction 
of enterprise network traffic. 

■ The widespread use of public clouds has shifted a significant amount of what 
previously had been local traffic onto WANs for many enterprises, resulting in 
increased and often very unpredictable loads on enterprise routers. 

■ The now-common practice of application and database server virtualization has 
significantly increased the number of hosts requiring high-volume network ac¬ 
cess and results in every-changing physical location of server resources. 
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Traditional Network Architectures are Inadequate 

Even with the greater capacity of transmission schemes and the greater performance 
of network devices, traditional network architectures are increasingly inadequate in 
the face of the growing complexity, variability, and high volume of the imposed load. 
In addition, as quality of service (QoS) and quality of experience (QoE) requirements 
imposed on the network are expanded as a result of the variety of applications, the 
traffic load must be handled in an increasingly sophisticated and agile fashion. 

The traditional internetworking approach is based on the TCP/IP protocol archi¬ 
tecture. Three noteworthy characteristics of this approach are as follows: 

■ Two-level end system addressing 

■ Routing based on destination 

■ Distributed, autonomous control 

Let’s look at each of these characteristics in turn. 

The traditional architecture relies heavily on the network interface identity. At the 
physical layer of the TCP/IP model, devices attached to networks are identified by 
hardware-based identifiers, such as Ethernet MAC addresses. At the internetworking 
level, including both the Internet and private internets, the architecture is a network 
of networks. Each attached device has a physical layer identifier recognized within 
its immediate network and a logical network identifier, its IP address, which provides 
global visibility. 

The design of TCP/IP uses this addressing scheme to support the networking of auton¬ 
omous networks, with distributed control. This architecture provides a high level of 
resilience and scales well in terms of adding new networks. Using IP and distributed 
routing protocols, routes can be discovered and used throughout an internet. Using 
transport-level protocols such as TCP, distributed and decentralized algorithms can be 
implemented to respond to congestion. 

Traditionally, routing was based on each packet’s destination address. In this 
datagram approach, successive packets between a source and destination may follow 
different routes through the internet, as routers constantly seek to find the minimum- 
delay path for each individual packet. More recently, to satisfy QoS requirements, 
packets are often treated in terms of flows of packets. Packets associated with a given 
flow have defined QoS characteristics, which affect the routing for the entire flow. 

However, this distributed, autonomous approach developed when networks were 
predominantly static and end systems predominantly of fixed location. Based on these 
characteristics, the Open Networking Eoundation (ONE) cites four general limitations 
of traditional network architectures [ONE12]: 


TCP/IP 

protocol 

architecture 

The protocol 
architecture built 
around the TCP 
and IP protocols, 
consisting of five 
layers: physical, 
data link, network/ 
Internet (usually IP), 
transport (usually 
TCP or UDP), and 
application. 


packet 

A unit of data sent 
across a network. 

A packet is a group 
of bits that includes 
data plus protocol 
control information. 
The term generally 
applies to protocol 
data units at the 
network layer. 


packet 

switching 

A method of trans¬ 
mitting messages 
through a commu¬ 
nications network, 
in which long 
messages are 
subdivided into 
short packets. Each 
packet is passed 
from source to 
destination through 
intermediate nodes. 
At each node, the 
entire message is 
received, stored 
briefly, and then 
forwarded to the 
next node. 
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Datagram 

A packet that is 
treated indepen¬ 
dently of other 
packets for paoket 
switching. A 
datagram carries 
information sufficient 
for routing from 
the source to the 
destination without 
the necessity of 
establishing a logical 
connection between 
the endpoints. 


fiow 

A sequence of 
packets between 
a source and 
destination that are 
recognized by the 
network as related 
and are treated in a 
uniform fashion. 


■ Static, complex architecture: To respond for demands such as differing 
levels of QoS, high and fluctuating traffic volumes, and security requirements, 
networking technology has grown more complex and difficult to manage. This 
has resulted in a number of independently defined protocols each of which ad¬ 
dresses a portion of networking requirements. An example of the difficulty this 
presents is when devices are added or moved. The network management staff 
must use device-level management tools to make changes to configuration 
parameters in multiple switches, routers, firewalls, web authentication portals, 
and so on. The updates include changes to access control lists (ACLs), virtual 
LAN settings, QoS settings in numerous devices, and other protocol-related 
adjustments. Another example is the adjustment of QoS parameters to meet 
changing user requirements and traffic patterns. Manual procedures must be 
used to configure each vendor’s equipment on a per-application and even per- 
session basis. 

■ Inconsistent policies: To implement a network-wide security policy, staff 
may have to make configuration changes to thousands of devices and mecha¬ 
nisms. In a large network, when a new virtual machine is activated, it can take 
hours or even days to reconfigure ACLs across the entire network. 

■ Inability to scale: Demands on networks are growing rapidly, both in 
volume and variety. Adding more switches and transmission capacity, 
involving multiple vendor equipment, is difficult because of the complex, 
static nature of the network. One strategy enterprises have used is to oversub¬ 
scribe network links based on predicted traffic patterns. But with the increased 
use of virtualization and the increasing variety of multimedia applications, 
traffic patterns are unpredictable. 

■ Vendor dependence: Given the nature of today’s traffic demands on net¬ 
works, enterprises and carriers need to deploy new capabilities and services 
rapidly in response to changing business needs and user demands. A lack of 
open interfaces for network functions leaves the enterprises limited by the rela¬ 
tively slow product cycles of vendor equipment. 


3.2 The SDN Approach 

This section provides an overview of SDN and shows how it is designed to meet 
evolving network requirements. 


Requirements 

Based on the narrative of Section 3.1, we are now in a position to detail the principal 
requirements for a modern networking approach. The Open Data Center Alliance 
(ODCA) provides a useful, concise list of requirements, which include the following 
[ODCA14]: 
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■ Adaptability: Networks must adjust and respond dynamically, based on ap¬ 
plication needs, business policy, and network conditions. 

■ Automation: Policy changes must be automatically propagated so that 
manual work and errors can be reduced. 

■ Maintainability. Introduction of new features and capabilities (software 
upgrades, patches) must be seamless with minimal disruption of operations. 

■ Model management: Network management software must allow 
management of the network at a model level, rather than implementing 
conceptual changes by reconfiguring individual network elements. 

■ Mobility: Control functionality must accommodate mobility, including mobile 
user devices and virtual servers. 

■ Integrated security: Network applications must integrate seamless security 
as a core service instead of as an add-on solution. 

■ On-demand scaling: Implementations must have the ability to scale up or 
scale down the network and its services to support on-demand requests. 

SDN Architecture 

An analogy can be drawn between the way in which computing evolved from closed, 
vertically integrated, proprietary systems into an open approach to computing and 
the evolution coming with SDN (see Figure 3.1). In the early decades of computing, 
vendors such as IBM and DEC provided a fully integrated product, with a proprietary 
processor hardware, unique assembly language, unique operating system (OS), and 
the bulk if not all of the application software. In this environment, customers, espe¬ 
cially large customers, tended to be locked in to one vendor, dependent primarily 
on the applications offered by that vendor. Migration to another vendor’s hardware 
platform resulted in major upheaval at the application level. 

Today, the computing environment is characterized by extreme openness and 
great customer flexibility. The bulk of computing hardware consists of x86 and 
x86-compatible processors for standalone systems and ARM processors for embedded 
systems. This makes it easy to port operating systems implemented in C, C-H-, Java, 
and the like. Even proprietary hardware architectures, such as IBM’s zEnterprise line, 
provide standardized compilers and programming environments and so can easily 
run open sources operating systems such as Linux. Therefore, applications written 
for Linux or other open operating systems can easily be moved from one vendor 
platform to another. Even proprietary systems such as Windows and Mac OS provide 
programming environments to make porting of applications an easy matter. It also 
enables the development of virtual machines that can be moved from one server to 
another across hardware platforms and operating systems. 
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FIGURE 3.1 The Modern Approach to Computing and Networking 


Processor 


The networking environment today faces some of the same limitations faced in the 
pre-open era of computing. Here the issue is not developing applications that can run 
on multiple platforms. Rather, the difficulty is the lack of integration between applica¬ 
tions and network infrastructure. As demonstrated in the preceding section, traditional 
network architectures are inadequate to meet the demands of the growing volume and 
variety of traffic. 

The central concept behind SDN is to enable developers and network managers 
to have the same type of control over network equipment that they have had over 
x86 servers. As discussed in Section 2.6 in Chapter 2, the SDN approach splits the 
switching function between a data plane and a control plane that are on separate 
devices (see Figure 3.2). The data plane is simply responsible for forwarding 
packets, whereas the control plane provides the “intelligence” in designing routes, 
setting priority and routing policy parameters to meet QoS and QoE requirements 
and to cope with the shifting traffic patterns. Open interfaces are defined so that 
the switching hardware presents a uniform interface regardless of the details of 
internal implementation. Similarly, open interfaces are defined to enable networking 
applications to communicate with the SDN controllers. 
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(a) Traditional network architecture (b) SDN approach 

FIGURE 3.2 Control and Data Planes 

Figure 3.3 elaborates on the structure shown in Figure 2.15, showing more detail of 
the SDN approach. The data plane consists of physical switches and virtual switches. 
In both cases, the switches are responsible for forwarding packets. The internal 
implementation of buffers, priority parameters, and other data structures related to 
forwarding can he vendor dependent. However, each switch must implement a model, 
or abstraction, of packet forwarding that is uniform and open to the SDN controllers. 
This model is defined in terms of an open application programming interface 
(API) between the control plane and the data plane (southbound API). The most prom¬ 
inent example of such an open API is OpenFlow, discussed in Chapter 4, “SDN Data 
Plane and OpenFlow.” As Chapter 4 explains, the OpenFlow specification defines 
both a protocol between the control and data planes and an API by which the control 
plane can invoke the OpenFlow protocol. 


See Figure 
2 . 15 , 


Software 

Defined 

Networking 


application 
programming 
interface (API) 

A language and 
message format used 
by an application 
program to commu¬ 
nicate with the oper¬ 
ating system or some 
other control program 
such as a database 
management system 
(DBMS) or communi¬ 
cations protocol. APIs 
are implemented by 
writing function calls 
in the program, which 
provide the linkage 
to the required 
subroutine for 
execution. An open or 
standardized API can 
ensure the portability 
of the application 
code and the vendor 
independence of the 
called service. 
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FIGURE 3.3 Software-Defined Architecture 


See Chapter 
5, ‘‘SDN 
Control 
Plane ” 


SDN controllers can be implemented directly on a server or on a virtual server. 
OpenFlow or some other open API is used to control the switches in the data plane. 
In addition, controllers use information about capacity and demand obtained from the 
networking equipment through which the traffic flows. SDN controllers also expose 
northbound APIs, which allow developers and network managers to deploy a wide 
range of off-the-shelf and custom-built network applications, many of which were not 
feasible before the advent of SDN. As yet there is no standardized northbound API 
nor a consensus on an open northbound API. A number of vendors offer a REpre- 
sentational State Transfer (REST)-based API to provide a programmable interface to 
their SDN controller. 
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Also envisioned but not yet defined are horizontal APIs (east/westbound), which 
would enable communication and cooperation among groups or federations of 
controllers to synchronize state for high availability. 

At the application plane are a variety of applications that interact with SDN controllers. 
SDN applications are programs that may use an abstract view of the network for their 
decision-making goals. These applications convey their network requirements and 
desired network behavior to the SDN controller via a northbound API. Examples of 
applications are energy-efficient networking, security monitoring, access control, and 
network management. 


Characteristics of Software-Defined Networking 

Putting it all together, the key characteristics of SDN are as follows: 

■ The control plane is separated from the data plane. Data plane devices become 
simple packet-forwarding devices (refer back to Figure 3.2). 

■ The control plane is implemented in a centralized controller or set of coordi¬ 
nated centralized controllers. The SDN controller has a centralized view of the 
network or networks under its control. The controller is portable software that 
can run on commodity servers and is capable of programming the forwarding 
devices based on a centralized view of the network. 

■ Open interfaces are defined between the devices in the control plane 
(controllers) and those in the data plane. 

■ The network is programmable by applications running on top of the SDN 
controllers. The SDN controllers present an abstract view of network 
resources to the applications. 


3.3 SDN- and NFV-Related Standards 

Unlike some technology areas, such as Wi-Fi, there is no single standards body 
responsible for developing open standards for SDN and NFV. Rather, there is a 
large and evolving collection of standards-developing organizations (SDOs), industrial 
consortia, and open development initiatives involved in creating standards and 
guidelines for SDN and NFV. Table 3.1 lists the main SDOs and other organizations 
involved in the effort and the main outcomes so far produced. This section covers 
some of the most prominent efforts. 


standards 

Documents that 
provide require¬ 
ments, specifications, 
guideiines, or charac¬ 
teristics that can be 
used consistently to 
ensure that materials, 
products, processes, 
and services are fit for 
their purpose. Stan¬ 
dards are established 
by consensus among 
those participating in 
a standards-making 
organization and 
are approved by a 
generally recognized 
body. 

open standard 

A standard that is: 
developed on the 
basis of an open 
decision-making 
procedure available 
to all interested 
parties, is available 
for implementation 
to all on a royalty- 
free basis, and is 
intended to promote 
interoperability 
among products 
from multiple 
vendors. 
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TABLE 3.1 SDN and 


Organization 


Open Networking 
Foundation (ONF) 


Internet Engineering 
Task Force (IETF) 


European 

Telecommunications 
Standards Institute 
(ETSI) 

OpenDaylight 

International 
Telecommunication 
Union — 

Telecommunication 
Standardization Sector 
(ITU-T) 

Internet Research Task 
Force (IRTF) Software 
Defined Networking 
Research Group 
(SDNRG) 

Broadband Forum 
(BBF) 


Metro Ethernet Forum 
(MEF) 


IEEE 802 


Optical Internetworking 
Forum (OIF) 


NFV Open Standards Activities 

Mission 


An industry consortium dedicated 
to the promotion and adoption 
of SDN through open standard 
development. 

The Internet’s technical stan¬ 
dards body. Produces RFOs and 
Internet standards. 


An EU-sponsored standards 
organization that produces glob¬ 
ally applicable standards for 
information and communications 
technologies. 

A collaborative project under the 
auspices of the Linux Foundation. 

United Nations agency that pro¬ 
duces Recommendations with a 
view to standardizing telecommu¬ 
nications on a worldwide basis. 


Research group within IRTF. 
Produces SDN-related RFCs. 


Industry consortium developing 
broadband packet networking 
specifications. 

Industry consortium that pro¬ 
motes the use of Ethernet for 
metropolitan and wide-area appli¬ 
cations. 

An IEEE committee responsible 
for developing standards for 
LANs. 

Industry consortium promoting 
development and deployment of 
interoperable networking solu¬ 
tions and services for optical net¬ 
working products. 


SDN- and NFV-Related 
Effort 

OpenFlow 


Interface to routing sys¬ 
tems (I2RS) 

Service function chain¬ 
ing 

NFV architecture 


OpenDaylight 

SDN functional require¬ 
ments and architecture 


SDN architecture 


Requirements and 
framework for SDN in 
telecommunications 
broadband networks 

Defining APIs for service 
orchestration over SDN 
and NFV 

Standardize SDN capa¬ 
bilities on access net¬ 
works. 

Requirements on trans¬ 
port networks in SDN 
architectures 
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Organization 

Mission 

SDN- and NFV-Related 
Effort 

Open Data Center 
Alliance (ODCA) 

Oonsortium of leading IT organi¬ 
zations developing interoperable 
solutions and services for cloud 
computing. 

SDN usage model 

Alliance for 

Telecommunications 
Industry Solutions 
(ATIS) 

A standards organization that 
develops standards for the uni¬ 
fied communications (UC) indus¬ 
try. 

Operational opportuni¬ 
ties and challenges of 
SDN/NFV programmable 
infrastructure 

Open Platform for NFV 
(OPNFV) 

An open source project focused 
on accelerating the evolution of 
NFV. 

NFV infrastructure 


Standards-Developing Organizations 

The Internet Society, ITU-T, and ETSI are all making key contributions to the stan¬ 
dardization of SDN and NFV. 


Internet Society 

A number of standards-developing organizations (SDOs) are looking at 
various aspects of SDN. Perhaps the most active are two groups within the Internet 
Society (ISOC): IETF and IRTF. ISOC is the coordinating committee for Internet 
design, engineering, and management. Areas covered include the operation of the 
Internet itself and the standardization of protocols used by end systems on the Internet 
for interoperability. Various organizations under the ISOC are responsible for the 
actual work of standards development and publication. 

The Internet Engineering Task Force (IETF) has working groups developing SDN- 
related specifications in the following areas: 

■ Interface to routing systems (I2RS): Develop capabilities to interact with 
routers and routing protocols to apply routing policies. 

■ Service function chaining: Develop an architecture and capabilities for 
controllers to direct subsets of traffic across the network in such a way that 
each virtual service platform sees only the traffic it must work with. 

The Internet Research Task Force (IRTF) has published Software-Defined Networking 
(SDN): Layers and Architecture Terminology (RFC 7426, January 2015). The 
document provides a concise reference that reflects current approaches regarding 
the SDN layer architecture. The Request For Comments (RFC) also provides 
a useful discussion of the southbound API (Figure 3.3) and describes some specific 
APIs, such as for I2RS. 


standards- 

developing 
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(SDO) 

An official national, 
regional, or inter¬ 
national standards 
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coordinates the 
standard activities of 
a specific country, 
region or the 
world. Some SDOs 
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opment of standards 
through support of 
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may be directly 
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dards development. 
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archival series that 
is the official channel 
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including IETF and 
IRTF publications. An 
RFC may be informa¬ 
tional, best practice, 
draft standard, or 
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IRTF also sponsors the Software Defined Networking Research Group (SDNRG). 
This group investigates SDN from various perspectives with the goal of identifying 
the approaches that can be defined, deployed, and used in the near term and identi¬ 
fying future research challenges. 

ITU-T 

The International Telecommunication Union—Telecommunication Standardization 
Sector (ITU-T) is a UN agency that issues standards, called recommendations, in the 
telecommunications area. So far, their only published contribution to SDN is Recom¬ 
mendation Y.3300 {Framework of Software-Defined Networking, June 2014). The 
document addresses definitions, objectives, high-level capabilities, requirements, 
and high-level architecture of SDN. It provides a valuable framework for standards 
development. 

ITU-T has established a Joint Coordination Activity on Software-Defined Networking 
(JCA-SDN) and begun work on developing SDN-related standards. 

Four ITU-T study groups (SGs) are involved in SDN-related activities: 

■ SG 13 (Future networks, including cloud computing, mobile, and 
next-generation networks): This is the lead study group of SDN in ITU-T 
and developed Y.3300. This group is studying SDN and virtualization aspects 
for next-generation networks (NGNs). 

■ SG 11 (Signaling requirements, protocols, and test specifications): 

This group is studying the framework for SDN signaling and how to apply 
SDN technologies for IPv6. 

■ SG 15 (Transport, access, and home): This group looks at optical 
transport networks, access networks, and home networks. The group is investi¬ 
gating transport aspects of SDN, aligned with the Open Network Foundation’s 
SDN architecture. 

■ SG 16 (Multimedia): This group is evaluating OpenFlow as a protocol to 
control multimedia packet flows, and is studying virtual content delivery 
networks. 

European Telecommunications Standards Institute 

ETSI is recognized by the European Union as a European Standards Organization. 
However, this not-for-profit SDO has member organizations worldwide and its stan¬ 
dards have international impact. 

ETSI has taken the lead role in defining standards for NFV. ETSI’s Network Eunc- 
tions Virtualisation (NFV) Industry Specification Group (ISG) began work in January 
2013 and produced a first set of specifications in January 2015. The 11 specifications 
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include an NFV’s architecture, infrastructure, service quality metrics, management 
and orchestration, resiliency requirements, and security guidance. 


Industry Consortia 

Consortia for open standards began to appear in the late 1980s. There was a growing 
feeling within private-sector multinational companies that the SDOs acted too slowly 
to provide useful standards in the fast-paced world of technology. Recently, a number 
of consortia have become involved in the development of SDN and NFV standards. 
We mention here three of the most significant efforts. 

By far the most important consortium involved in SDN standardization is the 
Open Networking Foundation (ONF). ONF is an industry consortium dedicated to 
the promotion and adoption of SDN through open standards development. Its most 
important contribution to date is the OpenFlow protocol and APT The OpenFlow 
protocol is the first standard interface specifically designed for SDN and is already 
being deployed in a variety of networks and networking products, both hardware 
based and software based. The standard enables networks to evolve by giving logi¬ 
cally centralized control software the power to modify the behavior of network 
devices through a well-defined “forwarding instruction set.” Chapter 4 is devoted to 
this protocol. 

The Open Data Center Alliance (ODCA) is a consortium of leading global IT 
organizations dedicated to accelerating adoption of interoperable solutions and 
services for cloud computing. Through the development of usage models for SDN and 
NFV, ODCA is defining requirements for SDN and NFV cloud deployment. 

The Alliance for Telecommunications Industry Solutions (ATIS) is a membership 
organization that provides the tools necessary for the industry to identify standards, 
guidelines, and operating procedures that make the interoperability of existing and 
emerging telecommunications products and services possible. Although ATIS is 
accredited by ANSI, it is best viewed as a consortium rather than an SDO. So far, 
ATIS has issued a document that identifies operational issues and opportunities asso¬ 
ciated with increasing programmability of the infrastructure using SDN and NFV. 


See Chapter 
4, “SDN 
Data 

Plane and 
OpenFlow ” 


consortium 

A group of inde¬ 
pendent organiza¬ 
tions joined by 
common interests, 
in the area ot stan¬ 
dards deveiopment, 
a consortium typi- 
caiiy consists of 
individual corpora¬ 
tions and trade 
groups concerned 
with a specific area 
of technology. 


Open Development Initiatives 

There are a number of other organizations that are not specifically created by industry 
members and are not official bodies such as SDOs. Generally, these organizations are 
user created and driven and have a particular focus, always with the goal of devel¬ 
oping open standards or open source software. A number of such groups have become 
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See Section 
5.3, “Open- 
Daylight” 


See Section 
7.4, “NFV 
Benefits and 
Require¬ 
ments ” 


active in SDN and NFV standardization. This section lists three of the most significant 
efforts. 

OpenDaylight 

OpenDaylight is an open source software activity under the auspices of the Linux 
foundation. Its member companies provide resources to develop an SDN controller for 
a wide range of applications. Although the core membership consists of companies, 
individual developers and users can also participate, so OpenDaylight is more in 
the nature of an open development initiative than a consortium. ODL also supports 
network programmability via southbound protocols, a bunch of programmable 
network services, a collection of northbound APIs, and a set of applications. 

OpenDaylight is composed of about 30 projects, and releases their outputs in simul¬ 
taneous manner. After its first release. Hydrogen, in February 2014, it successfully 
delivered the second one, Helium, at the end of September 2014. 

Open Platform for NFV 

Open Platform for NFV is an open source project dedicated to acceleration the 
adoption of standardized NFV elements. OPNFV will establish a carrier-grade, 
integrated, open source reference platform that industry peers will build together to 
advance the evolution of NFV and to ensure consistency, performance, and interoper¬ 
ability among multiple open source components. Because multiple open source NFV 
building blocks already exist, OPNFV will work with upstream projects to coordinate 
continuous integration and testing while filling development gaps. 

OpenStack 

Opens tack is an open source software project that aims to produce an open source 
cloud operating system. It provides multitenant Infrastructure as a Service (laaS), and 
aims to meets the needs of public and private clouds regardless of size, by being simple 
to implement and massively scalable. SDN technology is expected to contribute to its 
networking part, and to make the cloud operating system more efficient, flexible, and 
reliable. 

OpenStack is composed of a number of projects. One of them, Neutron, is dedicated 
for networking. It provides Network as a Service (NaaS) to other OpenStack services. 
Almost all SDN controllers have provided plug-ins for Neutron, and through them 
services on OpenStack and other OpenStack services can build rich networking topol¬ 
ogies and can configure advanced network policies in the cloud. 
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3.4 Key Terms 

After completing this chapter, you should 

application programming interface (API) 

consortium 

datagram 

flow 

IEEE 802 
northbound API 
open standard 
packet switching 


be able to define the following terms. 

REpresentational State Transfer (REST) 
Request For Comments (RFC) 
service function chaining 
southbound API 
standard 

standards-developing organization (SDO) 
TCP/IP protocol architecture 
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SAL, 123 

Defense4All DDoS application, 157-159, 162 
architecture, 160-162 
context, 158 

detected attacks, mitigating, 159 
protection techniques, 158 
SDNi, 141-142 
VTN, 253-257 
architecture, 257 
Coordinator, 254 
elements, 254 
flows, 256 
Manager, 254 
mapping, 255 
OpenFlow, 89 
channels, 96 
defined, 95 

encapsulated packets. 111 
event-based messages. 111 
flow, 98, 111 
flow tables 
actions, 101 
action sets, 102 
entries, 98 

instructions component, 102 
match fields, 99-101 
nesting, 106-107 
pipeline, 102-105 
structure, 98 
group tables, 107-109 
action buckets, 108 
entries, 107 
group types, 108-109 
messages, 109-111 
ports, 96 
QoS, 296-298 
switches, 96-97 
VLAN support, 240 
OpenStack, 90, 126-127 
operating frequencies (RFID), 391 
operations 

cost savings, 253 
expenditure (OpEx), 191 
support system (OSS), 50 
technology (OT), 29, 407 
OpEx (operational expenditure), 191 
OPNFV (Open Platform for NFV), 196 
optical devices, 379-398 
OSGi (Open Service Gateway Initiative), 123 
OSS (operations support system), 50 
OSS/BSS (NFV MANO), 220 
OT (operational technology), 29, 407 
OVSDB (Open vSwitch Database Management 
Protocol), 116, 125-127 
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P_ 

PaaS (Platform as a Service), 353, 488 
PAAs (Policy Adaptation Actions), 156 
Packet Cable MultiMedia, 125 
packet-switched networks (PSNs), 244 
packets 
choke, 65 
Content, 169 
defined, 79 
delaying, 285 

delay variation (pdv), 294-295 

discarding, 273 

dropping, 285 

encapsulated. 111 

faces, 170 

flows, 80, 97 

forwarding, 56-57 

ISA router implementation, 275 
SDN, 83 
inspection, 184 
Interest, 169 
loss, 41 
marking, 270 
queue management, 270 
real-time transmission, 44 
scheduling, 275 
switching, 79 
variable-length, 44 
partitioning 
LANs, 233 
virtual, 212 
Pascal, 489 

passive measurement techniques, 295 
patching vulnerabilities (loT), 459 
payment RFID technology, 387 
PCEP (Path Computation Element Communication 
Protocol), 126 

PCMM (Packet Cable MultiMedia), 125 
pdv (packet delay variation), 294-295 
peering, 11 
perception, 306 
perceptual QoE, 54 

perform action on packet instructions, 102 
performance 

cloud computing, 50 
congestion 
ideal, 61-63 
practical, 63-64 

IP performance metrics, 293-296 
benefits, 293 
listing of, 293 

measurement techniques, 295 
need, 293 
pdv, 295 

sample metrics, 295 


stages, 294 

statistical metrics, 295 
QoE 

categories, 54 
challenges, 55 
defined, 54 
QoS, compared, 54 
SLAs, 281 

Persistent-Data object, 339 
personal technology, 29 

PfMP (Portfolio Management Professional), 486 
PfR (Cisco Performance Routing), 272 
PgMP (Program Management Professional), 486 
PHB (per-hop behavior), 286 

assured forwarding, 288-289 
class selector, 289-291 
default forwarding, 287 
DiffServ, 281 
expedited forwarding, 287 

physical devices/controllers level (IWF loT reference 
model), 403 

physical network function (PNF), 187 

physical port field (flow table match fields), 100 

physical ports, 96 

physical resources, 247 

Pig, 488 

pipelines (flow tables), 102-105 
egress processing, 105 
ingress processing, 104 
processing, 102-103 

Platform as a Service (PaaS), 353, 488 
platforms (ioBridge), 427 
RealTime.io, 430 
ThingSpeak, 428-429 
PLC (powerline carrier), 12 
Plugin20C, 126-127 

PMI-ACP (PMI Agile Certified Practitioner), 485 
PMI-PBA (PMI Professional in Business 
Analysis), 486 

PMP (Project Management Professional), 486 
pneumatic actuators, 381 
PNF (physical network function), 187 
PoE (Power over Ethernet), 12 
PDF (Protocol Oblivious Forwarding), 117 
points of presence (PoPs), 17, 187 
policing traffic, 270 
Policy Adaption Actions (PAAs), 156 
PolicyCop, 153-156 
architecture, 154 
control rules, 155 
features, 154 
modules, 155 
PAAs, 156 
workflow, 156 
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PoPs (points of presence), 17, 187 

Portfolio Management Professional (PfMP), 486 

ports, 96, 100 

position measuring devices, 378 
POST message type, 132 
Power over Ethernet (PoE), 12 
power workgroups, 16 
powerline carrier (PLC), 12 
POX, 115 

PQ (priority queuing), 278 
pressure/force sensors, 378 
printed circuit boards, 383 
priority entry (flow tables), 98 
privacy 
cloud 

infrastructure, 359 
perspective, 369 
SDN controllers, 134 

probes, 333 
processing 

big data, 48 

flow table pipelines, 102-103 
egress, 105 
ingress, 104 

processors 

application, 383 
dedicated, 383 
micro, 383-384 
multicore, 384 

PROD (production), 471 
professionals 

certification programs, 480-487 
cloud computing, 482-483 
IT security, 487 
networking, 484 
project management, 485 
SDN, 481 

systems engineer, 486 
virtualization, 481-483 
emerging roles, 467 

responsibilities, 467-469 
SDN/NFV impacts, 469-470 
online resources, 489-490 
skills in demand, 488-489 
Program Management Professional (PgMP), 486 
programmability (DevOps), 477 
project management, 485 
Project Management Professional (PMP), 486 
protection. See also security 
cloud data, 452-453 
DDoS attacks, 157-159, 162 
protocols 
BGP 

defined, 136 
functions, 136 


routing between SDN domains, 138 
SDN QoS management, 138-140 
CoAP, 411-414 
formats, 412 

message exchange example, 414 
message method, 413 
messages, 412 
EGP, 59 
ERP, 136 
IGP, 59 
IP. See IP 
LISP, 126 
MPLS, 9 

neighbor acquisitions,/reachability 136 
network reachability, 137 
Oblivious Forwarding (POF), 117 
OpenFlow. See OpenFlow 
PCEP, 126 
Plugin Manager, 417 
reservation, 275 
routing, 57 
ERPs, 59 
IRPs, 58 
ISA, 275 

SDN data plane, 95 
SNMP, 126 
TCP 

congestion control, 267 
flags field (flow table match fields), 101 
source/destination ports (flow table match 
fields), 100 
TCP/IP, 79 
providers 

application, 6-7 

architectural components (cloud), 364 
bridge traffic ISID field (flow table match fields), 
100 

content, 7 
Internet media, 17 
network, 6 

proximity motion sensors, 378 
PSN (packet-switched networks), 244 
psychological QoE, 54 
public 

cloud infrastructure, 359 
safety loT services, 375 
Wi-Fi, 20 

Q_ 

QoE (Quality of Experience), 54, 266 

actionable, 330-331 
agents, 337 
APIs, 337 
master, 339 
objects, 338 
slave, 339 
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applications, 317 
categories, 54 
challenges, 55 
definitions, 306-308 
influences, 311-312 
layered model, 308-310 
mapping models, 323 

black-box media-based, 323-325 
choosing, 327 

glass-box parameter-based, 325-326 
gray-box, 326-327 

IP-oriented parameter-based, 327-329 
measurement, 312 

end-user device analytics, 315 
MOS (mean opinion score), 316-317 
objective assessment, 314-315 
subjective assessment, 312-314 
monitoring, 335-340 
agent objects, 338 
API layers, 337 
configurations, 335 
motivations, 301 

networks and services management, 318 
host-centric vertical handover, 341-342 
network-centric vertical handover, 342-344 
VoIP calls, 341 

online video content delivery, 302-303 

QoS, compared, 54 

service 

failures, 304 
monitoring, 317 

standardization projects, 304-305 
QoS (quality of service), 40, 266 

architecture, 268 

control plane, 271-272 
data plane, 269-271 
management plane, 272 
background, 267-268 
defined, 53, 266 
DiffServ. See DiffServ 
elastic traffic, 40 
IPPM, 293-296 
benefits, 293 

measurement techniques, 295 
metrics, listing of, 293 
need, 293 
pdv, 295 

sample metrics, 295 
stages, 294 

statistical metrics, 295 
ISA 

components, 274-275 
defined, 273 
design, 273-274 
flows, 273 
services, 276-279 
layered model, 308-310 


mapping models, 323 

black-box media-based, 323-325 
choosing, 327 

glass-box parameter-based, 325-326 
gray-box, 326-327 

IP-oriented parameter-based, 327-329 
modern networking schema, 72 
monitoring, 334-335 
online video content delivery, 303 
OpenFlow, 296-298 
policies, 272 

PolicyCopy application, 153-156 
architecture, 154 
control rules, 155 
features, 154 
modules, 155 
PAAs, 156 
workflow, 156 
properties, 53 
QoE, compared, 54 
routing, 272 
SDN 

managing with BGP, 138-140 
routing between domains, 137-138 
SLAs 

architecture, 292 
availability, 292 
features, 291 
latency, 292 
reliability, 293 
QUALINET, 304-308 
quality 

formation process, 307-308 
QoE definition, 306 

Quality of Experience. See QoE 
Quality of Service. See QoS 
QuEEN (Quality of Experience Estimators in 
Networks), 305 
querying resources, 416-417 
queues 

custom, 278 
data flows, 270 
disciplines, 277-279 
fair queuing, 279 
FIFQ, 277 
management, 270 
QpenFlow QoS support, 296 
priorities, 278 

R_ 

radio-frequency identification. See RFID 

random early detection (RED), 271 

RAN (radio access network), 224 

rapid service provisioning, 253 

rate based explicit congestion signaling, 67 
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RBAC (role-based access control) 


RBAC (role-based access control), 463 
read range (RFID tags), 390 
real-time, 43, 430 

communications (RTC), 33 
traffic 

continuous data sources, 44 
defined, 43 
delays, 43 
illustration, 43 
on/off sources, 44 
packet transmission, 44 
variable-length packets, 44 
recording traffic, 272 
Red Hat 

Certified Engineer (RHCE), 487 
Certified Systems Administrator (RHCSA), 487 
Enterprise Linux Atomic Host DevOps related 
products, 479 

RED (random early detection), 271 
reference points 

IND, 209 
NEV, 195 

references 

“Bandwidth Needs in Core and Aggregation Nodes 
in the Optical Transport Network” wehsite, 37 
Cisco Systems Internetworking Technology 
Handbook wehsite, 299 

IBM Study “Every Day We Create 2.5 Quintillion 
Bytes of Data” website, 73 
Inter-SDN Controller Communication: Using Border 
Gateway Protocol, 143 
loT World Forum website, 431 
Kemp Technologies blog “SDN is from Mars, NEV 
is from Venus” website, 229 
“SDI Wars: WTF Is Software Defined Center 
Infrastructure?” website, 263 
Telecom Lighthouse, 229 
reliability 

SDN controllers, 133 
SLAs, 293 

repositories, 219 

REpresentational State Transfer. See REST 
Request For Comments (RFC), 87 
requirements 

cloud computing, 50 
elastic traffic, 39 
evolving 

complex traffic patterns, 78 
demand increases, 77 
inadequate architectures, 79-80 
supply increases, 77 
inelastic traffic, 40-42 
loT security, 459-461 
modem networks, 80 
NEV, 192-193 
security, 435-436 


reservation protocols, 275 
reserving 

ports, 97 
resources, 272 

residential. See homes 
resolution, 380 
resources 

layers, 121 
NFVI, 220 
querying, 416-417 
reserving, 272 

responsibilities 

IT/network professionals, 467-469 

NIST cloud computing reference architecture, 

361, 364 

REST (REpresentational State Transfer), 128 

API example, 130-132 
constraints, 128-130 
cache, 129 
client-server, 128 
code-on-demand, 130 
layered system, 130 
stateless, 128 
uniform interface, 129 
defined, 128 

resource request/response handlers, 419 
URIs, 129 

restoring traffic, 272 
retail loT, 376 

RFC (Request For Comments), 87 
RFC 4594 (Configuration Guidelines for DiffServ 
Service Classes), 41 

RFID (radio-frequency identification), 387 

access control, 388 
anti-counterfeiting tool, 388 
applications, 387-389 
devices, 397 
functionalities, 391-392 
operating frequencies, 391 
payment/stored value systems, 387 
readers, 390 
tags, 389-390 

functionalities, 391-392 
operating frequencies, 391 
readers, 390 
types, 390 

tracking/identification, 387 

RHCE (Red Hat Certified Engineer), 487 

RHCSA (Red Hat Certified Systems Administrator), 487 

roles 

based access control (RBAC), 463 
IT professionals, 467 

responsibilities, 467-469 
SDN/NFV impacts, 469-470 
NIST cloud computing reference architecture, 361-364 
round-trip delay metric, 294 
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routing 

aggregation, 8 
algorithms, 273 
characteristics, 55-56 
core, 8 

elements, 59-60 
packet forwarding, 56-57 
peering, 11 
protocols, 57 
ERPs, 59 
IRPs, 58 
QoS, 272 

queuing disciplines, 277-279 
router elements, 59-60 
SDN 

controllers, 119-120 
domains, 137-138 

RStudio, 489 

RTC (real-time communications) dashboard, 33 
Ryu, 115 

s_ 

SaaS (Software as a Service), 352 

defined, 352 

OpenCrowd example SaaS services survey, 352-353 
subscrihers, 352 

SAL (service abstraction layer), 123 
Salesforce cloud computing certification 
programs, 482 
sample metrics, 295 

satellite TV end-to-end delivery chain, 301 
scalability, 216 

cloud computing, 50 
NV, 253 

SDN controllers, 133 

scheduling 

data flows, 270 
packets, 275 

scripting (DevOps), 477 

SCTP (Stream Control Transmission Protocol), 

100, 342 

“SDI Wars: WTF Is Software Defined Center 
Infrastructure?” website, 263 
SDI (software-defined infrastructure), 257 

applications, 258 
architecture, 261-262 
defined, 257 
features, 258-259 
NFV, 258 
SDN, 258 
SDS, 259-260 
SDK API (CM), 419 

SDN (software-defined networking), 67 

API, 83 


applications, 85, 145 
applications, 147 
data center networking, 162-168 
ICN, 168-173 
measurement, 157 
mobility/wireless, 168 
monitoring, 157 

network services abstraction layer, 146-152 
northbound interface, 146 
security, 157-162 
traffic engineering, 153-156 
user interface, 147 
certification programs, 481 
characteristics, 85 
cloud computing, 368-371 
controllers, 68 

application threats, 439 
centralized, 133 
distributed, 134 
federation, 135 
functions, 113-114 
HA clusters, 134 
IETF SDNi, 140-141 
implementing, 84, 115 
northbound interfaces, 117-119 
OpenDaylight modules, 126 
OpenDaylight SDNi, 141-142 
PolicyCop application, 155 
privacy, 134 

QoS management, 138-140 
reliability, 133 
routing, 119-120 

routing between domains, 137-138 
scalability, 133 
security threats, 439 
southbound interfaces, 116-117 
control plane, 68, 82, 113 
data plane, 68, 82 
functions, 93-94 
protocols, 95 
security threats, 437-439 
defined, 67 

deployment driving factors, 68-69 
domains, 133 
functionality, 67 

IT/network job position impact, 469-470 
ITU-T Y.3300 high-level architecture, 120-121 
mobility driving factor, 69 
modern networking schema, 72 
NFV 

relationship, 225-228 
similarities, 70 
NOS, 114 

OpenDaylight architecture, 122 

base network service functions, 124 

control plane/application plane functionality, 123 

flexibility, 123 
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Helium, 124 
layers, 122 
modules, 125-127 
SAL, 123 

OpenFlow. See OpenFlow 
packet forwarding, 83 
REST 

API example, 130-132 
constraints, 128-130 
defined, 128 
SDI, enabling, 258 
security 

controllers, 114 
goals, 157 

OpenDaylight Defense4All DDoS application, 
157-162 

software-defined, 440 
threats, 436, 439 
server virtualization, 68 
standards, 85-87 

industry consortiums, 89 
open development initiatives, 90 
SDOs, 87-89 

SDNi (Software-Defined Networking interface), 127 

aggregator, 127 
IETF, 140-141 
messages, 141 
OpenDaylight, 141-142 
wrappers, 127 

SDOs (standards-developing organizations), 87-89 
SDS (software-defined storage), 259-260 
SecaaS (Cloud Security as a Service), 453-456 

business continuity/disaster recovery, 456 
data loss prevention, 455 
encryption, 456 
lAM, 455 

intrusion management, 456 
network security, 456 
security assessments, 455 
SIEM, 456 
Web security, 455 

second generation (2G) cellular networks, 23 
Secure Network Bootstrapping Infrastructure 
(SNBi), 125 
security 

AAA 

authentication filter, 127 
OpenDaylight, 126 
big data concerns, 48 
certification programs, 487 
Cisco loT system, 425-426 
cloud computing, 446 
architecture, 448 
auditability, 449 
availability, 448-449 
compliance, 447 


controls, 457 

data protection, 448, 452-453 
governance, 447 

identity/access management, 448 
incident response, 448 
Security as a Service, 453-456 
sharing vendor resources, 449 
software isolation, 448 
subscriber protection, 450 
threats, 449-452 
trust, 447 
DDoS 

Defense4All application, 157-159, 162 
OpenDaylight, 127 
e-mail, 455 
encryption, 23 

information and event management (SIEM), 456 
loT, 458-459 

framework, 462-464 
patching vulnerabilities, 459 
requirements, 459-461 
services, 375 
IP (IPsec), 241-243 
network, 456 
NFV, 441 

attack surfaces, 441-444 
ETSI security perspective, 444-446 
techniques, 446 
privacy 

cloud, 359, 369 
SDN controllers, 134 
requirements, 435-436 
SDN 

controllers, 114 
goals, 157 

OpenDaylight Defense4All DDoS application, 
157-162 

software-defined, 440 
threats, 436, 439 
TLS, 438 
Web, 455 

select group type, 109 
sensing devices (loT), 396 
sensors, 377 

accuracy, 379 
defined, 377 
interfaces, 377 
loT, 29 
precision, 379 
resolution, 380 
technology, 29 
types, 378-379 
servers 
blade, 14 

centralized farms, 16 
data management, 46 
lotivity, 419 
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network management, 47 
virtualization, 68 

services 

abstraction layer (SAL), 123 
actionable QoE, 331 
class characteristics (traffic), 41 
cloud 

CaaS, 355 

cloud capability types, 356 

CompaaS, 356 

DSaaS, 356 

emerging, 357 

laaS, 354-355 

NaaS, 356 

PaaS, 353 

SaaS, 352-353 

XaaS, 357-358 

Cloud Security as a Service, 453-456 

business continuity/disaster recovery, 456 
data loss prevention, 455 
encryption, 456 
lAM, 455 

intrusion management, 456 
network security, 456 
security assessments, 455 
SIEM, 456 
Web security, 455 
differentiated. See DiffServ 
enterprise, 30 

function chaining (SEC), 126 
GBP, 126 
hijacking, 451 
loTivity Base, 415-420 
ISA, 276 

controlled load, 277 
guaranteed, 276 
queuing disciplines, 277-279 
LISP, 127 
monitoring 

categories, 332 
on-demand, 333 
probes, 333 
QoE, 317 
network 
NFV, 187 

SDN application plane abstraction layer, 146-152 
Opens tack, 126 
PaaS, 488 

provider perspective (cloud computing), 369 
QoE-based management 

host-centric vertical handover, 341-342 
network-centric vertical handover, 342-344 
VoIP calls, 341 
sectors (loT) 
buildings, 377 
consumer and home, 376 
energy, 377 


healthcare/life science, 376 
industrial, 376 
IT/networks, 375 
retail services, 376 
security/public safety, 375 
transportation, 376 
SNBi, 127 

use cases (NFV), 223-225 
CDNs, 224 

fixed access network functions, 225 
home environments, 224 
mobile cellular networks, 223 
RAN equipment, 224 

SFC (service function chaining), 126 
shaping 

DiffServ, 281 
traffic, 270, 285 

sharing 

technology threats, 451 
vendor resources, 449 

shortest path forwarding, 114 
SIEM (security information and event 
management), 456 

Simple Network Management Protocol (SNMP), 126 
singleton metrics, 294 
SIT (system integration testing), 471 
skills in demand, 488-489 
SLAs (service level agreements), 272 
architecture, 292 
availability, 292 
DiffServ, 281 
features, 291 
latency, 292 
reliability, 293 
slave QoE agents, 339 
smart home data models (CM), 419 
Smashwords.com, 263 

SNBi (Secure Network Bootstrapping Infrastructure), 
125-127 

SNMP (Simple Network Management Protocol), 126 

Soft Sensor Manager, 417 

software 

as a Service. See SaaS 

defined networking. See SDN 

Defined Networking interface. See SDNi 

isolation, 448 

security, 440 

storage (SDS), 259-260 

source/target IPv4 addresses in ARP payload field 
(flow table match fields), 100 
southbound interfaces, 116-117 
specialized sensors, 379 
specification abstraction, 149 
SSCP (Systems Security Certified Practitioner), 487 
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standards 

defined, 85 

developing organizations (SDOs), 87-89 
Ethernet, 14 
IEEE 802.IQ, 237-238 
NFV, 85-87, 186 

industry consortiums, 89 
open development initiatives, 90 
SDOs, 87-89 
open, 85 

QoE projects, 304-305 
QoS. See ISA 
SDN, 85-87 

industry consortiums, 89 
open development initiatives, 90 
SDOs, 87-89 
Wi-Fi, 21 

stateless constraint (REST), 128 
statistics 

manager 

OpenDaylight, 124 
SDN controllers, 114 
metrics, 295 
switch 

retrieving, 131 
updating, 132 
storage 

big data, 48 
cloud, 350 
loT, 30 
nodes, 206 

stored value systems RFID technology, 387 
Stream Control Transmission Protocol (SCTP), 
100, 342 

subjective assessment (QoE), 312-314 
subscriptions 

manager, 419 
protecting, 450 

SuperCloud DevOps related products, 479 
switches 

eswitch, 205 
LAN, 231 
Layer 3, 10 
legacy, 238 
QpenDaylight, 124 
QpenFlow, 96-97 
statistics 

retrieving, 131 
updating, 132 
ToR, 17 

symmetric messages, 110 
system integration testing (SIT), 471 
system-oriented actionable QoE, 330 
systems engineer certification programs, 486 
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tables 

flow 

actions, 101 
action sets, 102 
entries, 98 

instructions component, 102 
match fields, 99-101 
nesting, 106-107 
pipeline, 102-105 
structure, 98 
group 

action buckets, 108 
entries, 107 
group types, 108-109 
QpenFlow, 107-109 
QpenFlow logical switch, 97 
flow, 106-107 
group, 107-109 
tags (RFID), 389-390 

functionalities, 391-392 
operating frequencies, 391 
readers, 390 
read range, 390 
types, 390 

tail drop technique, 271 

Taylor & Francis Qnline website, 431 

TCAs (traffic conditioning agreements), 281 

TCP 

congestion control, 267 
flags field (flow table match fields), 101 
source/destination ports (flow table match fields), 
100 

TCP/IP 

characteristics, 79 
defined, 79 

technology development, 373 
Telecom Lighthouse website, 229 
temperature sensors, 379 
templates, 181 
things (loT), 396 
Things Manager, 417 
ThingSpeak, 428-429 

third generation (3G) cellular networks, 24 
threats 

cloud security, 449 

abuse/nefarious use, 450-452 
account/service hijacking, 451 
data loss/leakage, 451 
malicious insiders, 451 
shared technology issues, 451 
unknown risk profiles, 452 
unsecure interfaces/APIs, 450 
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SDN security, 436, 439 
application plane, 439 
control plane, 439 
data plane, 437-439 

three V’s (volume, velocity, variability), 48 
throughput, 40 

timeouts entry (flow tables), 98 
Timer object, 339 

TLS (Transport Layer Security), 437 
phases, 438 
security, 438 
TCP/IP architecture, 437 
token buckets, 285 
topology manager 
OpenDaylight, 124 
SDN controllers, 114, 120 
ToR (top-of-rack) switches, 17 
total elapsed time, 40 
tracking RFID technology, 387 
traditional architectures, 79-80 
traffic 

best effort, 267 
big data, 45 
analytics, 46 
areas of concern, 48 
defined, 45 

ecosystem example, 46-48 
infrastructures, 46 
three V’s, 48 
classification, 269, 285 
cloud computing, 48 
core, 50 
intercloud, 50 
intracloud, 49 
OSS, 50 

requirements, 50 
virtual machines, 49 
complex patterns, 78 
conditioning 

agreements, 281 
DiffServ, 281-285 
congestion. See congestion 
controlling, 271-272 
droppers, 285 
engineering, 153-156 
elastic 

applications, 39 
benefits, 40 
defined, 39 
delays, 39 
QoS, 40 

requirements, 39 
total elapsed time, 40 
flows 

classification, 269 
policing, 270 


shaping, 270 
VTN, 256 
inelastic 

defined, 40 
delays, 40 

internet requirements, 42 
packet loss, 41 
QoS requirements, 42 
requirements, 40 
service class characteristics, 41 
throughput, 40 
lower than best effort, 268 
markers, 285 
metering, 272, 285 
mobile, 51 

categories, 52 
growth, 52 
projections, 52 
wireless users, 52 
world total, calculating, 51 
packet marking, 270 
policing, 270 

queuing and scheduling, 270 
real-time 

continuous data sources, 44 
defined, 43 
delays, 43 
illustration, 43 
on/off sources, 44 
packet transmission, 44 
variable-length packets, 44 
recording, 272 
restoration, 272 
shaping, 270, 285 
specification (TSpec), 276 
TCP congestion control, 267 
transceivers, 386 
transmission technologies, 11 
cellular 

IG (first generation), 23 
2G (second generation), 23 
3G (third generation), 24 
4G (fourth generation), 24 
5G (fifth generation), 25 
defined, 23 
Ethernet 
carrier, 14 
data centers, 13 
data rates, 14-19 
defined, 11 
enterprise, 13 
homes, 12 
metro, 14 
offices, 12 
standards, 14 
WANs, 14 

Wi-Fi combination, 12 
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Wi-Fi 

data rates, 21-22 
defined, 19 
enterprise, 20 
homes, 20 
public, 20 
standards, 21 

transportation loT services, 376 
Transport Layer Security (TLS), 437-438 
trick mode, 302 
trust, 447 

TSpec (traffic specification), 276 

Tunnel IDs field (flow table match fields), 100 

tunnels, 245 

Type 1/Type 2 hypervisors, 183 

u_ 

UAT (user acceptance testing), 471 
UC (unified communications), 33 
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